mirror of
https://git.kiwifarms.net/mint/fedi-block-api.git
synced 2024-10-22 21:39:05 +00:00
Handle CSRF tokens on masto endpoint
This commit is contained in:
parent
46e0ac0c0a
commit
34bbe9e323
1 changed files with 13 additions and 1 deletions
|
@ -297,8 +297,20 @@ for blocker, software in c.fetchall():
|
|||
"followers_only": [],
|
||||
"report_removal": []
|
||||
}
|
||||
|
||||
# handling CSRF, I've saw at least one server requiring it to access the endpoint
|
||||
meta = BeautifulSoup(
|
||||
get(f"https://{blocker}/about", headers=headers, timeout=5).text,
|
||||
"html.parser",
|
||||
)
|
||||
try:
|
||||
csrf = meta.find("meta", attrs={"name": "csrf-token"})["content"]
|
||||
reqheaders = {**headers, **{"x-csrf-token": csrf}}
|
||||
except:
|
||||
reqheaders = headers
|
||||
|
||||
blocks = get(
|
||||
f"https://{blocker}/api/v1/instance/domain_blocks", headers=headers, timeout=5
|
||||
f"https://{blocker}/api/v1/instance/domain_blocks", headers=reqheaders, timeout=5
|
||||
).json()
|
||||
for block in blocks:
|
||||
entry = {'domain': block['domain'], 'hash': block['digest'], 'reason': block['comment']}
|
||||
|
|
Loading…
Reference in a new issue